Os investigadores encontraram 37 vulnerabilidades em quatro apps populares VNC open-source existentes desde 1999. Essas vulnerabilidades permitem que os atacantes comprometam os sistemas de destino remotamente.
De acordo com a análise da Kaspersky, mais de 600.000 servidores VNC estão acessiveis na Internet, resultados obtidos via Shodan.
37 vulnerability discovered with four VNC components that include ten in LibVNC, four in TightVNC 1.X, one in TurboVNC and 22 in UltraVNC.
As aplicações VNC estão disponíveis nas versões gratuita e comercial e são compatíveis com sistemas operativos como Windows, Linux, macOS e Android.
An attacker is on the same network with the VNC server and attacks it to gain the ability to execute code on the server with the server’s privileges.
A user connects to an attacker’s ‘server’ using a VNC client and the attacker exploits vulnerabilities in the client to attack the user and execute code on the user’s machine.
The bugs have been reported to the developers and most of them have been fixed already, except TightVNC 1.x which was no longer supported. Developers recommended using TightVNC 2.X versions.
Os investigadores recomendaram monitorizar os programas de acesso remoto da infraestrutura, verificar os dispositivos ligados remotamente e recomendam também o uso de palavras-passe fortes.
Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker, Malware Analyst, Cybersecurity Analyst and also a Security Evangelist. He is also a founding member and Pentester at CSIRT.UBI and founder of the security computer blog seguranca-informatica.pt.
In recent years he has invested in the field of information security, exploring and analyzing a wide range of topics, such as pentesting (Kali Linux), malware, hacking, cybersecurity, IoT and security in computer networks. He is also Freelance Writer.
Read more here.